diff options
author | David Pursehouse <dpursehouse@collab.net> | 2019-01-18 19:49:09 +0900 |
---|---|---|
committer | David Pursehouse <dpursehouse@collab.net> | 2019-01-18 19:49:09 +0900 |
commit | a53bbb050b1fb54cb52a11b8046072a88abdb769 (patch) | |
tree | 8ffe402491b51bd51e13591581a3ba8be3b487ba | |
parent | ec3ba0cc220017d289dfd5e968dbe5d94fc13d34 (diff) | |
parent | ed2d5cedd8d79ee224fcc2280a6f11e8175fc2b0 (diff) |
Merge branch 'stable-2.10' into stable-2.11
* stable-2.10:
Consume JGit artifacts from Maven Central
Add release notes for Gerrit v2.10.8
Add release notes for Gerrit v2.9.5
Set version to 2.10.8
Set version to 2.9.5
Change-Id: Ia8f3388b66c80b8322326c4c1a1c356c18893124
-rw-r--r-- | ReleaseNotes/ReleaseNotes-2.10.8.txt | 39 | ||||
-rw-r--r-- | ReleaseNotes/ReleaseNotes-2.9.5.txt | 67 | ||||
-rw-r--r-- | ReleaseNotes/index.txt | 2 | ||||
-rw-r--r-- | lib/jgit/BUCK | 2 |
4 files changed, 109 insertions, 1 deletions
diff --git a/ReleaseNotes/ReleaseNotes-2.10.8.txt b/ReleaseNotes/ReleaseNotes-2.10.8.txt new file mode 100644 index 0000000000..e7de0e1d29 --- /dev/null +++ b/ReleaseNotes/ReleaseNotes-2.10.8.txt @@ -0,0 +1,39 @@ +Release notes for Gerrit 2.10.8 +=============================== + +There are no schema changes from link:ReleaseNotes-2.10.7.html[2.10.7]. + +Download: +link:https://gerrit-releases.storage.googleapis.com/gerrit-2.10.8.war[ +https://gerrit-releases.storage.googleapis.com/gerrit-2.10.8.war] + +Bug Fixes +--------- + +* link:https://bugs.chromium.org/p/gerrit/issues/detail?id=10262[Issue 10262]: Fix validation of wants in git-upload-pack for protocol v0 stateless transports. ++ +See the following section for details. + +* Upgrade JGit to 4.5.5.201812240535-r. ++ +This upgrade includes several major versions since 4.0.0 used in Gerrit version 2.10.7. +Important fixes are summarized below. Please refer to the corresponding JGit release notes for full details. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.5.5[JGit 4.5.5]: link:https://bugs.chromium.org/p/gerrit/issues/detail?id=10262[Issue 10262]: Fix validation of wants in git-upload-pack for protocol v0 stateless transports. ++ +AdvertiseRefsHook was not called for git-upload-pack in protocol v0 stateless transports, meaning that wants were not validated and a user could fetch anything that is pointed to by any ref (using fetch-by-sha1), as long as they could guess the object name. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.5.4[JGit 4.5.4]: Fix LockFile semantics when running on NFS. ++ +Honor trustFolderStats also when reading packed-refs. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.5.3[JGit 4.5.3]: Fix exception handling for opening bitmap index files. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.5.2[JGit 4.5.2]: Fix pack marked as corrupted even if it isn’t. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.5.1[JGit 4.5.1]: Don’t remove Pack when FileNotFoundException is transient. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.1.0[JGit 4.1.0]: Handle stale NFS file handles on packed-refs file. ++ +Use java.io.File instead of NIO to check existence of loose objects in ObjectDirectory to speed up inserting of loose objects. +Reduce memory consumption when creating bitmaps during writing pack files.
\ No newline at end of file diff --git a/ReleaseNotes/ReleaseNotes-2.9.5.txt b/ReleaseNotes/ReleaseNotes-2.9.5.txt new file mode 100644 index 0000000000..18c469c78e --- /dev/null +++ b/ReleaseNotes/ReleaseNotes-2.9.5.txt @@ -0,0 +1,67 @@ +Release notes for Gerrit 2.9.5 +============================== + +Download: +link:https://gerrit-releases.storage.googleapis.com/gerrit-2.9.5.war[ +https://gerrit-releases.storage.googleapis.com/gerrit-2.9.5.war] + +Important Notes +--------------- + +*WARNING:* There are no schema changes from +link:ReleaseNotes-2.9.4.html[2.9.4], but when upgrading from an existing site +that was initialized with Gerrit version 2.6 to version 2.9.1 the primary key +column order will be updated for some tables. It is therefore important to +upgrade the site with the `init` program, rather than only copying the .war file +over the existing one. + +It is recommended to run the `init` program in interactive mode. Warnings will +be suppressed in batch mode. + +---- + java -jar gerrit.war init -d site_path +---- + +Bug Fixes +--------- + +* link:https://bugs.chromium.org/p/gerrit/issues/detail?id=10262[Issue 10262]: Fix validation of wants in git-upload-pack for protocol v0 stateless transports. ++ +See the following section for details. + +* Upgrade JGit to 4.5.5.201812240535-r. ++ +This upgrade includes several major versions since 3.4.2 used in Gerrit version 2.9.4. Important fixes are summarized below. Please refer to the corresponding JGit release notes for full details. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.5.5[JGit 4.5.5]: link:https://bugs.chromium.org/p/gerrit/issues/detail?id=10262[Issue 10262]: Fix validation of wants in git-upload-pack for protocol v0 stateless transports. ++ +AdvertiseRefsHook was not called for git-upload-pack in protocol v0 stateless transports, meaning that wants were not validated and a user could fetch anything that is pointed to by any ref (using fetch-by-sha1), as long as they could guess the object name. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.5.4[JGit 4.5.4]: Fix LockFile semantics when running on NFS. ++ +Honor trustFolderStats also when reading packed-refs. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.5.3[JGit 4.5.3]: Fix exception handling for opening bitmap index files. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.5.2[JGit 4.5.2]: Fix pack marked as corrupted even if it isn’t. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.5.1[JGit 4.5.1]: Don’t remove Pack when FileNotFoundException is transient. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/4.1.0[JGit 4.1.0]: Handle stale NFS file handles on packed-refs file. ++ +Use java.io.File instead of NIO to check existence of loose objects in ObjectDirectory to speed up inserting of loose objects. +Reduce memory consumption when creating bitmaps during writing pack files. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/3.7.1[JGit 3.7.1]: Fix massive performance problem in Gerrit caused by ObjectWalk.markUninteresting marking the root tree as uninteresting. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/3.7.0[JGit 3.7.0]: Provide more details in exceptions thrown when packfile is invalid. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/3.6.2[JGit 3.6.2]: link:[Issue 3094]: Don’t remove pack from pack list for problems which could be transient. ++ +Log reason for ignoring pack when IOException occurred. + +** link:https://projects.eclipse.org/projects/technology.jgit/releases/3.5.3[JGit 3.5.3]: Fix for vulnerability CVE-2014-9390. + +* Fix resource exhaustion due to unclosed LDAP connection. ++ +When auth.type is set to LDAP (not LDAP_BIND), two LDAP connections are made, but one was not being closed. This eventually caused resource exhaustion and LDAP authentications failed. diff --git a/ReleaseNotes/index.txt b/ReleaseNotes/index.txt index c272a25c63..41d80a6a2c 100644 --- a/ReleaseNotes/index.txt +++ b/ReleaseNotes/index.txt @@ -19,6 +19,7 @@ Version 2.11.x [[2_10]] Version 2.10.x -------------- +* link:ReleaseNotes-2.10.8.html[2.10.8] * link:ReleaseNotes-2.10.7.html[2.10.7] * link:ReleaseNotes-2.10.6.html[2.10.6] * link:ReleaseNotes-2.10.5.html[2.10.5] @@ -32,6 +33,7 @@ Version 2.10.x [[2_9]] Version 2.9.x ------------- +* link:ReleaseNotes-2.9.5.html[2.9.5] * link:ReleaseNotes-2.9.4.html[2.9.4] * link:ReleaseNotes-2.9.3.html[2.9.3] * link:ReleaseNotes-2.9.2.html[2.9.2] diff --git a/lib/jgit/BUCK b/lib/jgit/BUCK index 46bcc382f9..8af81c7202 100644 --- a/lib/jgit/BUCK +++ b/lib/jgit/BUCK @@ -1,6 +1,6 @@ include_defs('//lib/maven.defs') -REPO = ECLIPSE # Leave here even if set to MAVEN_CENTRAL. +REPO = MAVEN_CENTRAL # Leave here even if set to MAVEN_CENTRAL. VERS = '4.5.5.201812240535-r' maven_jar( |